Free Training Resourses. Free training courses, audio, video, software & tests - http://free.trainingnews.co.uk
How To Break Web Software - A look at security vulnerabilities in web software
http://free.trainingnews.co.uk/listings/38/1/How-To-Break-Web-Software---A-look-at-security-vulnerabilities-in-web-software.html
Dick James
Dick James has been the editor of UK Training News since it was launched. He has been a professional writer, trainer and educator. Previously, he worked for five years in the higher education sector and with an independent training provider for over ten years. He has written numerous papers, articles and training manuals.

UK Training News 
By Dick James
Published on 04/3/2007
 
Mike Andrews is a senior consultant who specializes in software security and leads the web application security assessments and Ultimate Web Hacking classes for Foundstone.
Software Security

Mike Andrews is a senior consultant who specializes in software security and leads the ... all » web application security assessments and Ultimate Web Hacking classes for Foundstone.

ABSTRACT It all started out as a place to share physics documents, but has grown into potentially mankind's largest and most complex creation. The World Wide Web is a lot of things - a soapbox for everyone, a giant shopping mall, an application platform, and unfortunately a hacker's playground.

As more applications get "web-ified" moving from the desktop or legacy systems onto the web, attackers follow the vulnerabilities. Without sophisticated tools or "1337 5x1llz", web applications are now the most attacked technology, with the majority of attacks categorized as "easily exploitable".

So, before your application is placed out into one of the most hostile environments, how do you stop your software from being "0wn3d" by the 14 year old in their blacked-out bedroom, or being used by a Russian crime cartel?

In this TechTalk, Mike Andrews will look at how web applications are attacked, walk through a testing framework for evaluating the security of an application and take some deep-dives into a few interesting and common vulnerabilities and how they can be exploited.

http://www.google.com/